The hacker who hacked the information system of the Gemotest private laboratory network in 2022 and then published 300 GB of data belonging to the company’s customers was sentenced to 1.5 years of freedom restriction. In this respect reports Telegram channel Baza.
It turned out that the culprit was Alekperov Fuad Maarif’s son. He infiltrated the system via a remote corporate television site. Specifically, the attacker used a ready-made web shell (a script that allows you to remotely manage the server – editor’s note), which he downloaded through the administrator account of the corporate television presenter.
“A vulnerability in the server software allowed a malicious script disguised as a video file to be downloaded and executed. But that’s where it comes from [хакер] received an administrator account – unknown,” Baza writes.
The hacker then installed a number of other malicious services onto the corporate network via a web shell, allowing him to access the server where user data resides. They were stored in the same warehouse as the television files. Interdepartmental access was not limited.
Hackers before learned Stealing user information via Bluetooth.